moby--moby

History

Aleksa Sarai 2f7596aaef apparmor: do not save profile to /etc/apparmor.d Writing the profile to /etc/apparmor.d, while also manually loading it into the kernel results in quite a bit of confusion. In addition, it means that people using apparmor but have /etc mounted read-only cannot use apparmor at all on a Docker host. Fix this by writing the profile to a temporary directory and deleting it after it's been inserted. Signed-off-by: Aleksa Sarai <asarai@suse.de>	2016-09-13 16:25:16 +10:00
..
apparmor.go	apparmor: do not save profile to /etc/apparmor.d	2016-09-13 16:25:16 +10:00
template.go	profiles: apparmor: remove unused fields	2016-03-20 19:01:49 +11:00

apparmor: do not save profile to /etc/apparmor.d

Writing the profile to /etc/apparmor.d, while also manually loading it
into the kernel results in quite a bit of confusion. In addition, it
means that people using apparmor but have /etc mounted read-only cannot
use apparmor at all on a Docker host.

Fix this by writing the profile to a temporary directory and deleting it
after it's been inserted.

Signed-off-by: Aleksa Sarai <asarai@suse.de>

2016-09-13 16:25:16 +10:00

apparmor.go

apparmor: do not save profile to /etc/apparmor.d

2016-09-13 16:25:16 +10:00

template.go

profiles: apparmor: remove unused fields

2016-03-20 19:01:49 +11:00